It should be off. It might fail to work if your account has no shell.

Interestingly, it's probably a pretty good idea to stop the amateurs doing this sort of thing — accessing, say, http://yoursite.com/yourscript.php?n=%3Brm%20-rf%20* is liable to delete all your files.